RkU Version: 3.8 (b020410.388.590), Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #2
==============================================
>SSDT State
==============================================
ntkrnlpa.exe-->NtTerminateProcess, Type: Address change 0x8223CD60-->80CE736F [Unknown module filename]
==============================================
>Shadow
==============================================
==============================================
>Processes
==============================================
0x8174C150 [340] C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe (Andrea Electronics Corporation, Andrea filters APO access service (32-bit))
0x8175FB30 [356] C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH, Antivirus On-Access Service)
0x817A04E8 [432] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x8F160060 [440] C:\Windows\System32\smss.exe (Microsoft Corporation, Windows Session Manager)
0x90101C90 [568] C:\Windows\System32\csrss.exe (Microsoft Corporation, Client-Server-Laufzeitprozess)
0x900F81C8 [628] C:\Windows\System32\wininit.exe (Microsoft Corporation, Windows-Startanwendung)
0x8641FD90 [640] C:\Windows\System32\csrss.exe (Microsoft Corporation, Client-Server-Laufzeitprozess)
0x901AAD90 [672] C:\Windows\System32\services.exe (Microsoft Corporation, Anwendung für Dienste und Controller)
0x8645BCD8 [684] C:\Windows\System32\lsass.exe (Microsoft Corporation, Local Security Authority Process)
0x901FBC18 [692] C:\Windows\System32\lsm.exe (Microsoft Corporation, Lokaler Sitzungs-Manager-Dienst)
0x817851F0 [724] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc., Apple Mobile Device Service)
0x900E48E8 [768] C:\Windows\System32\winlogon.exe (Microsoft Corporation, Windows-Anmeldeanwendung)
0x900CB828 [876] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x9789EA00 [956] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x817A6788 [1044] C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation., Bluetooth Support Server)
0x978DE8D0 [1056] C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc., ATI External Event Utility EXE Module)
0x978CA958 [1072] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x900CD5D0 [1100] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x978DBD90 [1124] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x978E9030 [1160] C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe (IDT, Inc., IDT PC Audio)
0x816A8030 [1316] C:\Windows\System32\SLsvc.exe (Microsoft Corporation, Microsoft-Softwarelizenzierungsdienst)
0x816243B8 [1376] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x8178F438 [1400] C:\Program Files\FHMünchen\VPN Client\cvpnd.exe (Cisco Systems, Inc., Cisco Systems VPN Client)
0x81616D90 [1508] C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation, Dock Login Service)
0x8178ED90 [1532] C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH, AntiVir shadow copy service)
0x81670148 [1580] C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc., ATI External Event Utility EXE Module)
0x816A6D90 [1624] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x816C1700 [1820] C:\Windows\System32\spoolsv.exe (Microsoft Corporation, Spoolersubsystem-Anwendung)
0x816D3030 [1844] C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH, Antivirus Scheduler)
0x816D58E0 [1856] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x817817A8 [1936] C:\Program Files\iPod\bin\iPodService.exe (Apple Inc., iPodService Module (32-bit))
0x81795D90 [1992] C:\Program Files\MYsql\MySQL Server 5.1\bin\mysqld.exe
0x84F11598 [2052] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x817EAA38 [2088] C:\Windows\System32\PnkBstrA.exe
0x89BD5218 [2144] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x89BE9128 [2188] C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation, Microsoft SeaPort Search Enhancement Broker)
0x979A1398 [2272] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x979955F0 [2304] C:\Windows\System32\svchost.exe (Microsoft Corporation, Hostprozess für Windows-Dienste)
0x981EFD90 [2384] C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation, Microsoft Windows Search-Indexerstellung)
0x8550B4A8 [2788] C:\Windows\System32\SearchProtocolHost.exe (Microsoft Corporation, Microsoft Windows Search Protocol Host)
0x9F237D90 [2860] C:\Windows\System32\taskeng.exe (Microsoft Corporation, Aufgabenplanungsmodul)
0x9F21EA50 [2876] C:\Windows\System32\dwm.exe (Microsoft Corporation, Desktopfenster-Manager)
0x9F20EC80 [2908] C:\Windows\explorer.exe (Microsoft Corporation, Windows-Explorer)
0x9F2AD4C8 [3120] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd., Alps Pointing-device Driver)
0x9F2A8030 [3136] C:\Windows\System32\taskeng.exe (Microsoft Corporation, Aufgabenplanungsmodul)
0x9F2D2658 [3168] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc., IDT PC Audio)
0x9F24BD90 [3180] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc., Catalyst Control Center: Monitoring program)
0x9F2D6500 [3208] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc., iTunesHelper)
0x9F2EC180 [3220] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH, Antivirus System Tray Tool)
0x8550BAC8 [3236] C:\Windows\System32\SearchFilterHost.exe (Microsoft Corporation, Microsoft Windows Search Filter Host)
0x9F2DE6A0 [3248] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation, Windows-Sidebar)
0x9F2F4328 [3272] C:\Windows\ehome\ehtray.exe (Microsoft Corporation, Media Center Tray Applet)
0x9F309210 [3324] C:\Apache\bin\ApacheMonitor.exe (Apache Software Foundation, Apache HTTP Server Monitor)
0x9F303030 [3364] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc., QuickSet)
0x84E0E330 [3468] C:\Windows\System32\wuauclt.exe (Microsoft Corporation, Windows Update)
0x9F3312C8 [3612] C:\Windows\ehome\ehmsas.exe (Microsoft Corporation, Media Center Media Status Aggregator Service)
0x9F3DAD90 [3884] C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd., ApMsgFwd)
0x81639D90 [3932] C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation, WMI Provider Host)
0x8163A0D8 [3988] C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd., Alps Pointing-device Driver)
0x81654D90 [4000] C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd., Alps Pointing-device Driver for Windows NT/2000/XP/Vista)
0x8171C8B0 [4088] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc., Catalyst Control Centre: Host application)
0x8527F820 [4932] C:\Users\SAM\Desktop\RKUnhookerLE.EXE (UG North, RKULE, SR2 Normandy)
0x84564A90 [4] System
0x9791B030 [1232] C:\Windows\System32\audiodg.exe (Microsoft Corporation, Windows Graphisolierung für Audiogeräte )
==============================================
>Drivers
==============================================
0x8DC02000 C:\Windows\system32\DRIVERS\atikmdag.sys 5861376 bytes (ATI Technologies Inc., ATI Radeon Kernel Mode Driver)
0x8204C000 C:\Windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x8204C000 PnpManager 3903488 bytes
0x8204C000 RAW 3903488 bytes
0x8204C000 WMIxWDM 3903488 bytes
0x8E60B000 C:\Windows\system32\DRIVERS\NETw5v32.sys 3702784 bytes (Intel Corporation, Intel® Wireless WiFi Link Driver)
0x96CF0000 Win32k 2105344 bytes
0x96CF0000 C:\Windows\System32\win32k.sys 2105344 bytes (Microsoft Corporation, Mehrbenutzer-Win32-Treiber)
0x8A20E000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Microsoft Corporation, NT-Dateisystemtreiber)
0x8267D000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x8A005000 C:\Windows\System32\drivers\tcpip.sys 958464 bytes (Microsoft Corporation, TCP/IP Driver)
0x804DF000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Codeintegritätsmodul)
0x9D60A000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x9AC09000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)
0x8A10A000 C:\Windows\System32\drivers\dxgkrnl.sys 659456 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x9BA95000 C:\Windows\system32\Drivers\CVPNDRVA.sys 589824 bytes (Cisco Systems, Inc., Cisco Systems VPN Client IPSec Driver)
0x8E40D000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x80605000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x8260C000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x80415000 C:\Windows\system32\mcupdate_GenuineIntel.dll 458752 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x9AD40000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP-Protokollstapel)
0x8F20A000 C:\Windows\system32\DRIVERS\stwrt.sys 413696 bytes (IDT, Inc., IDT PC Audio)
0x8E569000 C:\Windows\system32\DRIVERS\itecir.sys 360448 bytes (ITE Tech. Inc. , ITE Consumer IR Driver for eHome)
0x8E517000 C:\Windows\system32\DRIVERS\rixdptsk.sys 335872 bytes (REDC, RICOH XD SM Driver)
0x9BA2F000 C:\Windows\System32\DRIVERS\srv.sys 319488 bytes (Microsoft Corporation, Server driver)
0x96F40000 C:\Windows\System32\ATMFD.DLL 311296 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0x80737000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x8F342000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x8068E000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI-Treiber für NT)
0x8F4CD000 C:\Windows\system32\DRIVERS\OA001Vid.sys 282624 bytes (Creative Technology Ltd., Video Capture Device Driver)
0x8049E000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x8EC05000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x8ED75000 C:\Windows\system32\drivers\HdAudio.sys 258048 bytes (Microsoft Corporation, High Definition Audio Function Driver)
0x8E4A5000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x8F409000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x827B3000 C:\Windows\system32\drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)
0x8F5BB000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x8A31E000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volumeschattenkopie-Treiber)
0x8E993000 C:\Windows\system32\DRIVERS\k57nd60x.sys 217088 bytes (Broadcom Corporation, Broadcom NetLink (TM) Gigabit Ethernet NDIS6.x Unified Driver.)
0x8ED2F000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x82019000 ACPI_HAL 208896 bytes
0x82019000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x805BF000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Dateisystem-Filter-Manager)
0x8F38A000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x9ACB9000 C:\Windows\system32\DRIVERS\RMCAST.sys 196608 bytes (Microsoft Corporation, Reliable Multicast Transport)
0x8A1AB000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x8E1A5000 C:\Windows\system32\DRIVERS\Apfiltr.sys 184320 bytes (Alps Electric Co., Ltd., Alps Touch Pad Driver)
0x8EDB4000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x82788000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x8ECE0000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0x9ACF9000 C:\Windows\system32\DRIVERS\nwifi.sys 172032 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0x9D6FE000 C:\Windows\System32\Drivers\fastfat.SYS 163840 bytes (Microsoft Corporation, Fast FAT File System Driver)
0x8A36E000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x806E5000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT-Plug & Play PCI-Enumerator)
0x9BA08000 C:\Windows\System32\DRIVERS\srv2.sys 159744 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x8A1DA000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x8EC73000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x8F466000 C:\Windows\system32\DRIVERS\avipbb.sys 139264 bytes (Avira GmbH, Avira Driver for Security Enhancement)
0x8A3A6000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x8F57B000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x8F512000 C:\Windows\system32\DRIVERS\OA001Ufd.sys 135168 bytes (Creative Technology Ltd., Video Class Upper Filter Driver)
0x8F2C5000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x8E1E1000 C:\Windows\system32\DRIVERS\dne2000.sys 126976 bytes (Deterministic Networks, Inc., Deterministic Network Enhancer)
0x8F59C000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x80799000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x9ADAD000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x8A0EF000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x8F54B000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA-Filtertreiber zur Dateivirtualisierung)
0x8E9E6000 C:\Windows\system32\DRIVERS\sdbus.sys 106496 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0x9ADCA000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x8E5DF000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x8EDE1000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x8F44F000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x8EC51000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x8F4AA000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0x9D726000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x8F3BC000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS-Paketplaner)
0x8F318000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0x8F566000 C:\Windows\system32\DRIVERS\avgntflt.sys 86016 bytes (Avira GmbH, Avira Minifilter Driver)
0x9ADE3000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x8ECB9000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x8ECA5000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x8E503000 C:\Windows\system32\DRIVERS\rimsptsk.sys 81920 bytes (REDC, RICOH MS Driver)
0x8F32E000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x8E5C1000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042-Anschlusstreiber)
0x9AD2D000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x8F3E0000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x8A395000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x8ED64000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x80485000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Plattformspezifischer Hardwarefehlertreiber)
0x8E4F2000 C:\Windows\system32\DRIVERS\rimmptsk.sys 69632 bytes (REDC, RICOH SD Driver)
0x807CF000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x8F27A000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0x9ACE9000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x80781000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x8E9C8000 C:\Windows\system32\DRIVERS\ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0x8ECCE000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x8E1D2000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x8F53C000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x8A35F000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x8070C000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x8EC96000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x8E4E3000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x80728000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x8E9D8000 C:\Windows\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0x96F30000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x8ED0A000 C:\Windows\system32\DRIVERS\circlass.sys 57344 bytes (Microsoft Corporation, Consumer IR Class Driver for eHome)
0x8F3D2000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8F301000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x807C1000 C:\Windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x8F488000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x9BB25000 C:\Windows\system32\drivers\npf_devolo.sys 53248 bytes (CACE Technologies, npf.sys (NT5/6 x86) Kernel Driver)
0x8ED22000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x80681000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0x9D6F2000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x8F2B9000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8E199000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)
0x8F495000 C:\Windows\System32\Drivers\dump_dumpata.sys 45056 bytes
0x8F26F000 C:\Windows\system32\DRIVERS\hidir.sys 45056 bytes (Microsoft Corporation, Infrared Miniport Driver for Input Devices)
0x8E600000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Tastaturklassentreiber)
0x8E5D4000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mausklassentreiber)
0x8F2F6000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x8EC68000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x8EC46000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x8A3F2000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8E49A000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x8071E000 C:\Windows\system32\DRIVERS\BATTC.SYS 40960 bytes (Microsoft Corporation, Battery Class Driver)
0x8F4A0000 C:\Windows\System32\Drivers\dump_msahci.sys 40960 bytes
0x8F4C3000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x807B7000 C:\Windows\system32\drivers\msahci.sys 40960 bytes (Microsoft Corporation, MS AHCI 1.0 Standard Driver)
0x8ED18000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x9AD23000 C:\Windows\system32\DRIVERS\ndisuio.sys 40960 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x8F445000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x9D6E8000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x9D751000 C:\Windows\system32\DRIVERS\asyncmac.sys 36864 bytes (Microsoft Corporation, MS Remote Access serial network driver)
0x8A3C7000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x8F2A2000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x8F533000 C:\Windows\system32\DRIVERS\hidusb.sys 36864 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0x8F291000 C:\Windows\system32\DRIVERS\kbdhid.sys 36864 bytes (Microsoft Corporation, HID-Tastaturfiltertreiber)
0x9D75A000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0x807DF000 C:\Windows\System32\Drivers\PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0x8F30F000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x96F10000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x8A200000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8E400000 C:\Windows\system32\DRIVERS\wmiacpi.sys 36864 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0x806D4000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x80791000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x80496000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x8F29A000 C:\Windows\system32\DRIVERS\mouhid.sys 32768 bytes (Microsoft Corporation, HID-Mausfiltertreiber)
0x806DD000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8F2E6000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8F2EE000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8A357000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x8F2B2000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x8F28A000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x8040E000 C:\Windows\system32\kdcom.dll 28672 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x8F2AB000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x8E5F7000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0x8F3F3000 C:\Windows\system32\DRIVERS\ssmdrv.sys 24576 bytes (Avira GmbH, AVIRA SnapShot Driver)
0x8E409000 C:\Windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0x8071B000 C:\Windows\system32\DRIVERS\compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0x8ECDE000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x8F4C1000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
==============================================
>Stealth
==============================================
0x07E00000 Hidden Image-->CLI.Component.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 1003520 bytes
0x07570000 Hidden Image-->CLI.Aspect.Radeon3D.Graphics.Wizard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 102400 bytes
0x009B0000 Hidden Image-->MOM.Implementation.DLL [ EPROCESS 0x9F24BD90 ] PID: 3180, 118784 bytes
0x00A50000 Hidden Image-->MOM.Implementation.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 118784 bytes
0x07A70000 Hidden Image-->CLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 126976 bytes
0x079F0000 Hidden Image-->CLI.Aspect.Welcome.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 143360 bytes
0x08490000 Hidden Image-->CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 159744 bytes
0x07C60000 Hidden Image-->CLI.Aspect.DisplaysManager.Graphics.Wizard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 1699840 bytes
0x07590000 Hidden Image-->CLI.Aspect.InfoCentre.Graphics.Wizard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 217088 bytes
0x07A20000 Hidden Image-->CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 233472 bytes
0x05800000 Hidden Image-->CLI.Caste.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 282624 bytes
0x00AD0000 Hidden Image-->MOM.Foundation.DLL [ EPROCESS 0x9F24BD90 ] PID: 3180, 28672 bytes
0x00F00000 Hidden Image-->LOG.Foundation.Implementation.Private.DLL [ EPROCESS 0x9F24BD90 ] PID: 3180, 28672 bytes
0x003B0000 Hidden Image-->MOM.Foundation.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x003D0000 Hidden Image-->LOG.Foundation.Implementation.Private.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x01740000 Hidden Image-->LOCALIZATION.Foundation.Private.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x01DB0000 Hidden Image-->CLI.Component.Runtime.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x04060000 Hidden Image-->CLI.Component.SkinFactory.resources.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x04CB0000 Hidden Image-->AEM.Server.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x04E00000 Hidden Image-->AEM.Plugin.DPPE.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x04E60000 Hidden Image-->DEM.Foundation.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x04E40000 Hidden Image-->AEM.Plugin.WinMessages.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x04E30000 Hidden Image-->AEM.Plugin.Hotkeys.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x04E80000 Hidden Image-->DEM.Graphics.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x05590000 Hidden Image-->DEM.OS.I0602.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x055B0000 Hidden Image-->DEM.Graphics.I0709.dll [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x055A0000 Hidden Image-->DEM.OS.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x05870000 Hidden Image-->AEM.Plugin.GD.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x05950000 Hidden Image-->AEM.Actions.CCAA.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x062D0000 Hidden Image-->DEM.Graphics.I0804.dll [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x06380000 Hidden Image-->CLI.Caste.Graphics.Runtime.Shared.Private.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x06350000 Hidden Image-->CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x06340000 Hidden Image-->CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x065E0000 Hidden Image-->DEM.Graphics.I0706.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x065D0000 Hidden Image-->DEM.Graphics.I0805.dll [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x06960000 Hidden Image-->DEM.Graphics.I0712.dll [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x06C20000 Hidden Image-->APM.Foundation.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x06C50000 Hidden Image-->CLI.Component.Runtime.Extension.EEU.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x06E80000 Hidden Image-->CLI.Component.Client.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x06E70000 Hidden Image-->AEM.Plugin.EEU.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x06EB0000 Hidden Image-->CLI.Component.Wizard.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x06FE0000 Hidden Image-->CLI.Caste.Graphics.Wizard.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x075D0000 Hidden Image-->atixclib.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x079A0000 Hidden Image-->CLI.Component.Dashboard.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x079E0000 Hidden Image-->CLI.Caste.Graphics.Dashboard.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x07F00000 Hidden Image-->CLI.Component.Dashboard.Shared.Private.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 28672 bytes
0x07850000 Hidden Image-->CLI.Aspect.DeviceLCD.Graphics.Wizard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 315392 bytes
0x081F0000 Hidden Image-->CLI.Aspect.Radeon3D.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 356352 bytes
0x00FD0000 Hidden Image-->NEWAEM.Foundation.DLL [ EPROCESS 0x9F24BD90 ] PID: 3180, 36864 bytes
0x00FC0000 Hidden Image-->CCC.Implementation.DLL [ EPROCESS 0x9F24BD90 ] PID: 3180, 36864 bytes
0x00380000 Hidden Image-->CCC.Implementation.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x01750000 Hidden Image-->AxInterop.WBOCXLib.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x01730000 Hidden Image-->CLI.Foundation.XManifest.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x04070000 Hidden Image-->NEWAEM.Foundation.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x04CC0000 Hidden Image-->Interop.WBOCXLib.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x05580000 Hidden Image-->ACE.Graphics.DisplaysManager.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x05860000 Hidden Image-->LOCALIZATION.Foundation.Implementation.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x063A0000 Hidden Image-->CLI.Aspect.CustomFormats.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x06650000 Hidden Image-->CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x06890000 Hidden Image-->CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x068F0000 Hidden Image-->CLI.Aspect.DeviceLCD.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x06FC0000 Hidden Image-->CLI.Component.Wizard.Shared.Private.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x07360000 Hidden Image-->CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 36864 bytes
0x080A0000 Hidden Image-->CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 389120 bytes
0x07370000 Hidden Image-->CLI.Component.Wizard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 405504 bytes
0x076E0000 Hidden Image-->CLI.Aspect.MMVideo.Graphics.Wizard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 413696 bytes
0x08100000 Hidden Image-->CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 413696 bytes
0x08030000 Hidden Image-->CLI.Aspect.DisplaysManager.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 446464 bytes
0x009E0000 Hidden Image-->LOG.Foundation.DLL [ EPROCESS 0x9F24BD90 ] PID: 3180, 45056 bytes
0x00A00000 Hidden Image-->LOG.Foundation.Private.DLL [ EPROCESS 0x9F24BD90 ] PID: 3180, 45056 bytes
0x003A0000 Hidden Image-->LOG.Foundation.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 45056 bytes
0x00890000 Hidden Image-->LOG.Foundation.Private.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 45056 bytes
0x01DC0000 Hidden Image-->ATICCCom.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 45056 bytes
0x063C0000 Hidden Image-->CLI.Aspect.DeviceProperty.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 45056 bytes
0x065F0000 Hidden Image-->CLI.Aspect.DeviceProperty.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 45056 bytes
0x06780000 Hidden Image-->CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 45056 bytes
0x068D0000 Hidden Image-->CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 45056 bytes
0x08170000 Hidden Image-->CLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 462848 bytes
0x074F0000 Hidden Image-->CLI.Aspect.TransCode.Graphics.Wizard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 495616 bytes
0x01D80000 Hidden Image-->CLI.Component.Runtime.Shared.Private.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x01DA0000 Hidden Image-->CLI.Foundation.Private.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x04050000 Hidden Image-->AEM.Server.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x04CE0000 Hidden Image-->AEM.Plugin.Source.Kit.Server.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x04E50000 Hidden Image-->DEM.Graphics.I0601.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x06390000 Hidden Image-->CLI.Aspect.DeviceCV.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x06640000 Hidden Image-->CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x068B0000 Hidden Image-->CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x06C40000 Hidden Image-->CLI.Component.Client.Shared.Private.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x06FD0000 Hidden Image-->CLI.Caste.Graphics.Wizard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x07350000 Hidden Image-->CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x073E0000 Hidden Image-->CLI.Aspect.TransCode.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 53248 bytes
0x08250000 Hidden Image-->CLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 593920 bytes
0x003C0000 Hidden Image-->CLI.Foundation.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 61440 bytes
0x00A70000 Hidden Image-->CLI.Component.SkinFactory.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 61440 bytes
0x01760000 Hidden Image-->CLI.Component.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 61440 bytes
0x05470000 Hidden Image-->CLI.Caste.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 61440 bytes
0x068C0000 Hidden Image-->CLI.Aspect.DeviceCRT.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 61440 bytes
0x06940000 Hidden Image-->CLI.Aspect.DeviceDFP.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 61440 bytes
0x069A0000 Hidden Image-->CLI.Aspect.Radeon3D.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 61440 bytes
0x069D0000 Hidden Image-->CLI.Aspect.MMVideo.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 61440 bytes
0x00EC0000 Hidden Image-->LOG.Foundation.Implementation.DLL [ EPROCESS 0x9F24BD90 ] PID: 3180, 69632 bytes
0x00860000 Hidden Image-->LOG.Foundation.Implementation.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 69632 bytes
0x06910000 Hidden Image-->CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 69632 bytes
0x06980000 Hidden Image-->CLI.Aspect.Radeon3D.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 69632 bytes
0x06C00000 Hidden Image-->APM.Server.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 69632 bytes
0x05970000 Hidden Image-->ATIDEMOS.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 77824 bytes
0x06360000 Hidden Image-->CLI.Aspect.DeviceCV.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 77824 bytes
0x06620000 Hidden Image-->CLI.Aspect.DeviceTV.Graphics.Shared.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 77824 bytes
0x083C0000 Hidden Image-->CLI.Aspect.MMVideo.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 815104 bytes
0x06600000 Hidden Image-->CLI.Aspect.DeviceTV.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 86016 bytes
0x07200000 Hidden Image-->CLI.Aspect.MMVideo.Graphics.Runtime.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 86016 bytes
0x079C0000 Hidden Image-->CLI.Caste.Graphics.Dashboard.DLL [ EPROCESS 0x8171C8B0 ] PID: 4088, 86016 bytes
==============================================
>Files
==============================================
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x000A87AA, Type: Inline - RelativeJump 0x820F47AA-->820F47B1 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACD84, Type: Inline - RelativeJump 0x820F8D84-->820F8D59 [ntkrnlpa.exe]